BioPassword Introduces First Software Product to Deliver Multifactor Authentication Over the Internet Using Keystroke Dynamics

Submitted by Jeremy Drzal on Tue, 04/04/2006 - 9:01am

SEATTLE--(BUSINESS WIRE)--April 3, 2006--
Only BioPassword Internet Edition Harnesses Unique Typing Rhythms to Reduce Fraud in Online Banking, eCommerce, and Digital Rights Management

BioPassword, Inc., the only software company providing secure authentication and anti-fraud solutions based on the behavioral biometric of keystroke dynamics, today announced the industry's first multifactor authentication software solution that authenticates users and reduces fraud over the Internet. BioPassword(R) Internet Edition provides organizations the only unobtrusive and cost-effective solution for monitoring and enforcing authentication of online users based on a simple, yet powerful combination of the user's standard login credentials (userID and password) with the behavioral biometric of keystroke dynamics (their unique typing rhythm).

With 2.5 million Americans losing identifying credentials from phishing attacks, and the U.S. Federal Trade Commission reporting more than 255,000 identity theft complaints last year, government regulators are insisting financial services organizations follow guidelines to improve the authentication of customers. With simple userIDs and passwords inadequate against phishing, pharming and brute-force attacks, they must be combined with a second authentication factor, such as something you know (your mother's maiden name), something you are (a biometric) or something you have (i.e. a smart card). However, many of the current two-factor authentication solutions have proven impractical or impossibly expensive in the Internet environment.

For the last few years BioPassword has been protecting consumers' home PCs and laptops and the local networks of enterprise workgroups without the need for expensive tokens, cards or other specialized hardware. Now with BioPassword Internet Edition, the company's proven keystroke dynamics technology is extended to authenticate users over the Internet to prevent online fraud as well as authenticate the credentials of customers, partners and employees across the enterprise.

"Our customers' security has always been of critical importance to us," said Tom Robertson, SVP of Information Technology at Charter Bank, based in Bellevue, Washington. "With the rise in hacker incidents, we want to be on the cutting-edge of security technology innovations. BioPassword's new solution enables us to continue our commitment to preserving privacy and protecting against fraudulent activities. Now even if credentials were to be stolen, our customers will still be protected."

"Phishing attacks, identity theft and the loss of control of sensitive personal data are driving demand for stronger protection of personal data and stronger controls on access to that information," said Jon Oltsik, senior analyst at Enterprise Strategy Group. "As organizations increasingly adopt strong authentication solutions they need to look for the best ratio of cost to security. A software-based behavioral biometric, such as BioPassword, is well positioned to capitalize on this trend by being low cost to deploy and easy-to-use."

"With more than one billion consumers online every day, organizations are eager to adopt new strategies to counter the online fraud epidemic. Many cannot afford the costly hardware, management or support required by some solutions or do not want to burden customers with invasive steps to confirm their identities," said Mark Upson, CEO of BioPassword. "BioPassword approaches the security of competing technologies, including tokens, smart cards and other physical biometric alternatives, at a fraction of the cost."

New Product Features Include:

Authentication Enforcement -- BioPassword Internet Edition enables a second-factor authentication over the Internet without the need for user software installation or hardware besides a standard keyboard.

Fraud Monitoring -- Administrators can use 'template scoring' alone or in conjunction with other profiling characteristics to monitor the authentication patterns of groups or individuals and apply internal business rules that challenge suspicious users or limit data or access.

Enrollment Options -- Enrollment can be immediate, gradual for phased deployments or silent (does not require user notification).

User Transparency -- A Flash plug-in enables a broadly available, integrated Internet authentication solution using standard browsers.

Software Development Kit -- Includes guidance and a sample application for integrating the BioPassword .NET Web Service to easily implement BioPassword Internet Edition with any Web application.

Adaptive Learning -- BioPassword Internet Edition examines each users unique typing rhythm and continually refines authentication accuracy thereby strengthening their biometric template over time.

Privacy Protection -- Because only keystroke 'timings' are stored, not keystrokes or passwords, attacks using phishing, pharming or keystroke loggers are deterred.

Renewable -- Unlike other physical biometrics, keystroke dynamics can be easily changed if credentials are compromised by simply establishing a new password.

FFIEC Compliance -- FFIEC guidelines include behavioral biometrics and keystroke dynamics as an authentication technique that complies with its two-factor authentication requirements.

Availability and Pricing

BioPassword Internet Edition is available immediately. Standard pricing is a one-time software fee of $30,000, an ongoing maintenance fee of 15 percent, and a subscription fee starting at $1 per user.

To support banks, credit unions and other financial institutions responding to customer demands for additional security and guidance from the FFIEC on implementing two-factor authentication by the close of 2006, BioPassword is offering a Compliance Package which includes BioPassword(R) Internet Edition and 10,000 online user licenses (included for the first year) for $30,000 plus maintenance. The Compliance Package will be offered through October 31, 2006. For more information about the Compliance Package, please contact sales@biopassword.com.

About BioPassword

BioPassword, Inc. (www.biopassword.com), located in Issaquah, Washington, leads the market in delivering enterprise security software solutions for multifactor authentication and reducing fraud using the biometric science of keystroke dynamics. By creating a biometric template from user logon credentials in combination with a high-performance behavioral biometric processing engine, the device-independent authentication software is fast, accurate, transparent, scalable to millions of users and immediately deployable across the organization and the Internet without the need for expensive tokens, cards or other specialized hardware. Using BioPassword to monitor and authenticate users, organizations can quickly and cost-effectively implement secure access, comply with regulatory requirements, and reduce the risks of fraud.

BioPassword(R) is a registered trademark of BioPassword, Inc. All other trademarks and registered trademarks are the property of their respective owners.

Contacts
BioPassword, Inc.
Doug Wheeler, 425-649-1100
dougw@biopassword.com
or
Schwartz Communications, Inc.
Dara Sklar, 415-512-0770
biopassword@schwartz-pr.com

  • Share this
  • Printer-friendly version
  • LinkedIn
  • Twitter
  • Facebook
  • Google Buzz
  • Yahoo
  • Ping This!